Skip to Content
Author's profile photo Torsten Kessler

Use the reporting name in Exit-variables for authorization – Addendum

This blog has been translated with Google Translate. the original blog can be found here:

In the block Use the reporting name in Exit-variables for authorization I have shown as the name of a report in the processing of exit variables in the context of the authorization may be used. In this block, I show what restrictions are taken into account.

The customer exit is traversed twice in the context of authorization. In the first pass the COMPID field is not yet available in the memory, and the call


returns for l_compid nothing. With the following code to ensure that all users of the report ZTKE_EXIT_VAR_AUTH’ only the information on the country Germany (DE) is obtained.


   DATA: TYPE l_compid rszcompid,

         ls_range TYPE rrrangesid.

   IMPORT FROM MEMORY ID l_compid compid = COMPID’.

   CASE l_compid.


          ls_range-sign = ‘I’.

          ls_rangeopt = EQ’.

          ls_rangelow = EN’.

          APPEND TO ls_range c_t_range.




The first call in I_STEP = 0 still determined not COMPID and thus no value for the processed here exit variable comes back as part of the authorization. In the second call, the COMPID can be determined and the permission is restricted to DE.

The first call has the consequence that we in the execution of the report, the warning

You do nothaveanalysisauthorizationforanychar. values​​of char. 0COUNTRY

get, see Figure 2.1. the authorization

By default, the variables are determined buffered values ​​in the context of the authorization check. To ensure that the values ​​can be evaluated in the second pass, the buffering in the RSECADMIN (see Figure 2.1) can be switched off. This is only possible system-wide!


Figure 2.1: Variablen Pufferung deaktivieren

After the buffer was switched off, we get no warnings regarding. The lack of analysis authorization more.

Unfortunately, there is no alternative to turning off the buffer. The analysis authorization concept clearly states that an analysis of authorization should be made ​​to the data and not the reporting object.

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.